Skip to content
Permalink
Browse files
Implement bash scripts to provisioner fineract cn services
  • Loading branch information
Anh3h committed Sep 22, 2019
1 parent ec6397d commit 8ae755b046282f82f6fd1cf74f9924b25510cdda
Showing 6 changed files with 356 additions and 9 deletions.
@@ -5,10 +5,25 @@ This project contains Docker Compose Scripts for running Fineract CN especially
- Docker
- Docker-compose

## Automatic or manual provisioning
## Deploy and provision Fineract CN

You can either try to provision automatically using bash script `bash start-up.sh`
Or you could achieve the same state by manually following the instructions below:
You can either deploy and provision Fineract CN automatically using bash scripts or manually using postman.

## 1. Deploy Fineract automtically using bash scripts

- To start up all the Fineract CN services run:

`bash start-up.sh`
- Then log the last Fineract CN microservice deployed by docker compose (fineract-cn-notification) to make sure all your Fineract services are now available.

`docker logs -f fineract-cn-docker-compose_notifications-ms_1`
- Finally provison the microservices by

`cd bash_scripts`

`bash provision.sh playground` #where playground is your tenant name

## 2. Deploy Fineract manually using postman

## Perquisites

@@ -37,7 +52,7 @@ docker-compose up
First only start provisioner-ms by running following in project root:

```
docker-compose up provisioner-ms
docker-compose up provisioner-ms
```
after it has started (and created table seshat to postgres) stop it.
This is just to make sure provisioner gets to create the database the other services require.
@@ -0,0 +1,311 @@
#!/bin/bash
set -e

function init-variables {
CASSANDRA_REPLICATION_TYPE="Simple"
CASSANDRA_CONTACT_POINTS="cassandra:9042"
CASSANDRA_CLUSTER_NAME="Datacenter1"
CASSANDRA_REPLICAS="1"

POSTGRES_DRIVER_CLASS="org.postgresql.Driver"
POSTGRES_HOST="postgres"
POSTGRES_PWD="postgres"
POSTGRESQL_PORT="5432"
POSTGRESQL_USER="postgres"

PROVISIONER_URL="http://provisioner-ms:2020/provisioner/v1"
IDENTITY_URL="http://identity-ms:2021/identity/v1"
RHYTHM_URL="http://rhythm-ms:2022/rhythm/v1"
OFFICE_URL="http://office-ms:2023/office/v1"
CUSTOMER_URL="http://customer-ms:2024/customer/v1"
ACCOUNTING_URL="http://accounting-ms:2025/accounting/v1"
PORTFOLIO_URL="http://portfolio-ms:2026/portfolio/v1"
DEPOSIT_URL="http://deposit-account-management-ms:2027/deposit/v1"
TELLER_URL="http://teller-ms:2028/teller/v1"
REPORT_URL="http://reporting-ms:2029/report/v1"
CHEQUES_URL="http://cheques-ms:2030/cheques/v1"
PAYROLL_URL="http://payroll-ms:2031/payroll/v1"
GROUP_URL="http://group-ms:2032/group/v1"
NOTIFICATIONS_URL="http://notifications-ms:2033/notification/v1"

MS_VENDOR="Apache Fineract"
IDENTITY_MS_NAME="identity-v1"
RHYTHM_MS_NAME="rhythm-v1"
OFFICE_MS_NAME="office-v1"
CUSTOMER_MS_NAME="customer-v1"
ACCOUNTING_MS_NAME="accounting-v1"
PORTFOLIO_MS_NAME="portfolio-v1"
DEPOSIT_MS_NAME="deposit-v1"
TELLER_MS_NAME="teller-v1"
REPORT_MS_NAME="report-v1"
CHEQUES_MS_NAME="cheques-v1"
PAYROLL_MS_NAME="payroll-v1"
GROUP_MS_NAME="group-v1"
NOTIFICATIONS_MS_NAME="notification-v1"
}

function auto-seshat {
TOKEN=$( curl -s -X POST -H "Content-Type: application/json" \
"$PROVISIONER_URL"'/auth/token?grant_type=password&client_id=service-runner&username=wepemnefret&password=oS/0IiAME/2unkN1momDrhAdNKOhGykYFH/mJN20' \
| jq --raw-output '.token' )
}

function login {
local tenant="$1"
local username="$2"
local password="$3"

ACCESS_TOKEN=$( curl -s -X POST -H "Content-Type: application/json" -H "User: guest" -H "X-Tenant-Identifier: $tenant" \
"${IDENTITY_URL}/token?grant_type=password&username=${username}&password=${password}" \
| jq --raw-output '.accessToken' )
}

function create-application {
local name="$1"
local description="$2"
local vendor="$3"
local homepage="$4"

curl -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
--data '{ "name": "'"$name"'", "description": "'"$description"'", "vendor": "'"$vendor"'", "homepage": "'"$homepage"'" }' \
${PROVISIONER_URL}/applications
echo "Created microservice: $name"
}

function get-application {
echo ""
echo "Microservices: "
curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/applications | jq '.'
}

function delete-application {
local service_name="$1"

curl -X delete -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/applications/${service_name}
echo "Deleted microservice: $name"
}

function create-tenant {
local identifier="$1"
local name="$2"
local description="$3"
local database_name="$4"

curl -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
--data '{
"identifier": "'"$identifier"'",
"name": "'"$name"'",
"description": "'"$description"'",
"cassandraConnectionInfo": {
"clusterName": "'"$CASSANDRA_CLUSTER_NAME"'",
"contactPoints": "'"$CASSANDRA_CONTACT_POINTS"'",
"keyspace": "'"$database_name"'",
"replicationType": "'"$CASSANDRA_REPLICATION_TYPE"'",
"replicas": "'"$CASSANDRA_REPLICAS"'"
},
"databaseConnectionInfo": {
"driverClass": "'"$POSTGRES_DRIVER_CLASS"'",
"databaseName": "'"$database_name"'",
"host": "'"$POSTGRES_HOST"'",
"port": "'"$POSTGRES_PORT"'",
"user": "'"$POSTGRES_USER"'",
"password": "'"$POSTGRES_PWD"'"
}}' \
${PROVISIONER_URL}/tenants
echo "Created tenant: $database_name"
}

function get-tenants {
echo ""
echo "Tenants: "
curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" ${PROVISIONER_URL}/tenants | jq '.'
}

function assign-identity-ms {
local tenant="$1"

ADMIN_PASSWORD=$( curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" -H "X-Tenant-Identifier: $tenant" \
--data '{ "name": "'"$IDENTITY_MS_NAME"'" }' \
${PROVISIONER_URL}/tenants/${tenant}/identityservice | jq --raw-output '.adminPassword')
echo "Assigned identity microservice for tenant $tenant"
}

function get-tenant-services {
local tenant="$1"

echo ""
echo "$tenant services: "
curl -s -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" -H "X-Tenant-Identifier: $tenant" ${PROVISIONER_URL}/tenants/$tenant/applications | jq '.'
}

function create-scheduler-role {
local tenant="$1"

curl -H "Content-Type: application/json" -H "User: antony" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
--data '{
"identifier": "scheduler",
"permissions": [
{
"permittableEndpointGroupIdentifier": "identity__v1__app_self",
"allowedOperations": ["CHANGE"]
},
{
"permittableEndpointGroupIdentifier": "portfolio__v1__khepri",
"allowedOperations": ["CHANGE"]
}
]
}' \
${IDENTITY_URL}/roles
echo "Created scheduler role"
}

function create-org-admin-role {
local tenant="$1"

curl -H "Content-Type: application/json" -H "User: antony" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
--data '{
"identifier": "orgadmin",
"permissions": [
{
"permittableEndpointGroupIdentifier": "office__v1__employees",
"allowedOperations": ["READ", "CHANGE", "DELETE"]
},
{
"permittableEndpointGroupIdentifier": "office__v1__offices",
"allowedOperations": ["READ", "CHANGE", "DELETE"]
},
{
"permittableEndpointGroupIdentifier": "identity__v1__users",
"allowedOperations": ["READ", "CHANGE", "DELETE"]
},
{
"permittableEndpointGroupIdentifier": "identity__v1__roles",
"allowedOperations": ["READ", "CHANGE", "DELETE"]
},
{
"permittableEndpointGroupIdentifier": "identity__v1__self",
"allowedOperations": ["READ", "CHANGE", "DELETE"]
},
{
"permittableEndpointGroupIdentifier": "accounting__v1__ledger",
"allowedOperations": ["READ", "CHANGE", "DELETE"]
},
{
"permittableEndpointGroupIdentifier": "accounting__v1__account",
"allowedOperations": ["READ", "CHANGE", "DELETE"]
}
]
}' \
${IDENTITY_URL}/roles
echo "Created organisation administrator role"
}

function create-user {
local tenant="$1"
local user="$2"
local user_identifier="$3"
local password="$4"
local role="$5"

curl -s -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
--data '{
"identifier": "'"$user_identifier"'",
"password": "'"$password"'",
"role": "'"$role"'"
}' \
${IDENTITY_URL}/users | jq '.'
echo "Created user: $user_identifier"
}

function get-users {
local tenant="$1"
local user="$2"

echo ""
echo "Users: "
curl -s -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" ${IDENTITY_URL}/users | jq '.'
}

function update-password {
local tenant="$1"
local user="$2"
local password="$3"

curl -s -X PUT -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
--data '{
"password": "'"$password"'"
}' \
${IDENTITY_URL}/users/${user}/password | jq '.'
echo "Updated $user password"
}

function provision-app {
local tenant="$1"
local service="$2"

curl -s -X PUT -H "Content-Type: application/json" -H "User: wepemnefret" -H "Authorization: ${TOKEN}" \
--data '[{ "name": "'"$service"'" }]' \
${PROVISIONER_URL}/tenants/${tenant}/applications | jq '.'
echo "Provisioned microservice, $service for tenant, $tenant"
}

function set-application-permission-enabled-for-user {
local tenant="$1"
local service="$2"
local permission="$3"
local user="$4"

curl -s -X PUT -H "Content-Type: application/json" -H "User: $user" -H "Authorization: ${ACCESS_TOKEN}" -H "X-Tenant-Identifier: $tenant" \
--data 'true' \
${IDENTITY_URL}/applications/${service}/permissions/${permission}/users/${user}/enabled | jq '.'
echo "Enabled permission, $permission for service $service"
}

init-variables
auto-seshat
create-application "$IDENTITY_MS_NAME" "" "$MS_VENDOR" "$IDENTITY_URL"
create-application "$RHYTHM_MS_NAME" "" "$MS_VENDOR" "$RHYTHM_URL"
create-application "$OFFICE_MS_NAME" "" "$MS_VENDOR" "$OFFICE_URL"
create-application "$CUSTOMER_MS_NAME" "" "$MS_VENDOR" "$CUSTOMER_URL"
create-application "$ACCOUNTING_MS_NAME" "" "$MS_VENDOR" "$ACCOUNTING_URL"
create-application "$PORTFOLIO_MS_NAME" "" "$MS_VENDOR" "$PORTFOLIO_URL"
create-application "$DEPOSIT_MS_NAME" "" "$MS_VENDOR" "$DEPOSIT_URL"
create-application "$TELLER_MS_NAME" "" "$MS_VENDOR" "$TELLER_URL"
create-application "$REPORT_MS_NAME" "" "$MS_VENDOR" "$REPORT_URL"
create-application "$CHEQUES_MS_NAME" "" "$MS_VENDOR" "$CHEQUES_URL"
create-application "$PAYROLL_MS_NAME" "" "$MS_VENDOR" "$PAYROLL_URL"
create-application "$GROUP_MS_NAME" "" "$MS_VENDOR" "$GROUP_URL"
create-application "$NOTIFICATIONS_MS_NAME" "" "$MS_VENDOR" "$NOTIFICATIONS_URL"

#Set tenant identifier
TENANT=$1
create-tenant ${TENANT} "${TENANT}" "All in one Demo Server" ${TENANT}
assign-identity-ms ${TENANT}
login ${TENANT} "antony" $ADMIN_PASSWORD
create-scheduler-role ${TENANT}
create-user ${TENANT} "antony" "imhotep" "p4ssw0rd" "scheduler"
login ${TENANT} "imhotep" "p4ssw0rd"
update-password ${TENANT} "imhotep" "p4ssw0rd"
provision-app ${TENANT} $RHYTHM_MS_NAME
login ${TENANT} "imhotep" "p4ssw0rd"
# Rhythm is not available at the moment
# set-application-permission-enabled-for-user ${TENANT} $RHYTHM_MS_NAME "identity__v1__app_self" "imhotep"
provision-app ${TENANT} $OFFICE_MS_NAME
provision-app ${TENANT} $ACCOUNTING_MS_NAME
provision-app ${TENANT} $PORTFOLIO_MS_NAME
# Rhythm is not available at the moment
# set-application-permission-enabled-for-user ${TENANT} $RHYTHM_MS_NAME "portfolio__v1__khepri" "imhotep"
provision-app ${TENANT} $CUSTOMER_MS_NAME
provision-app ${TENANT} $DEPOSIT_MS_NAME
provision-app ${TENANT} $TELLER_MS_NAME
provision-app ${TENANT} $REPORT_MS_NAME
provision-app ${TENANT} $CHEQUES_MS_NAME
provision-app ${TENANT} $PAYROLL_MS_NAME
provision-app ${TENANT} $GROUP_MS_NAME
provision-app ${TENANT} $NOTIFICATIONS_MS_NAME
login ${TENANT} "antony" $ADMIN_PASSWORD
create-org-admin-role ${TENANT}
create-user ${TENANT} "antony" "operator" "init1@l23" "orgadmin"
login ${TENANT} "operator" "init1@l"

echo "COMPLETED PROVISIONING PROCESS."
@@ -157,6 +157,7 @@ services:
eureka.instance.hostname: ${EUREKA_INSTANCE_HOSTNAME}
postgresql.host: ${POSTGRESQL_HOST}
ribbon.listOfServers: ${RIBBON_EUREKA_SERVER}
spring.datasource.url: jdbc:postgresql://${POSTGRESQL_HOST}:${POSTGRESQL_PORT}/seshat
system.publicKey.exponent: ${PUBLIC_KEY_EXPONENT}
system.publicKey.modulus: ${PUBLIC_KEY_MODULUS}
system.publicKey.timestamp: ${PUBLIC_KEY_TIMESTAMP}
@@ -39,6 +39,10 @@ services:
postgres:
image: postgres:11
container_name: postgres
command:
- "postgres"
- "-c"
- "max_connections=200"
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
@@ -0,0 +1,8 @@
#!/bin/sh

docker-compose down --remove-orphans
cd external_tools/
docker-compose down
cd ..
docker volume rm external_tools_cassandra-volume
docker volume rm external_tools_postgres-volume

0 comments on commit 8ae755b

Please sign in to comment.